<?php
    include("includes/eregs/function.valid_postcode.php");
    include("includes/eregs/function.valid_email.php");
    include("includes/eregs/function.valid_phonenr.php");
    include("includes/eregs/function.valid_host.php");            

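    // Id of the account being edited: the hidden form field on save, the query string on first load.
    // It is forced to an integer because it is concatenated, unquoted, into the SELECT and UPDATE
    // statements further down; a missing or array-valued parameter becomes 0.
    if(isset($_POST['useropslaan']))
        {
            $userid = isset($_POST['userid']) && is_scalar($_POST['userid']) ? (int) $_POST['userid'] : 0;
    }else{
            $userid = isset($_GET['id']) && is_scalar($_GET['id']) ? (int) $_GET['id'] : 0;
        }

    // If the overview was searched before this user was opened, keep the search term so that saving or
    // cancelling returns to the same result list. Only plain strings are accepted.
    if(isset($_GET['zoeken']) && is_string($_GET['zoeken']))
        {
            $zoekopdracht = $_GET['zoeken'];
    }elseif(isset($_POST['zoeken']) && is_string($_POST['zoeken'])){
            $zoekopdracht = $_POST['zoeken'];
        }

    // The term is request data that ends up in a Location header and in an onclick handler, so it is
    // URL-encoded before it is placed in the query string. This also keeps '&' and '#' inside the term
    // from cutting the parameter short.
    if(isset($zoekopdracht) && $zoekopdracht != "")
        {
            $zoekurl = "?p=users&zoeken=".urlencode($zoekopdracht);
    }else{
            $zoekurl = "?p=users";
        }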

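    // Load the account being edited. The statement is assembled by concatenation and the id originates
    // from the request, so it is reduced to an integer at the point of use.
    $sqluser = "SELECT * FROM vvtbl_users WHERE user_id = ".(is_scalar($userid) ? (int) $userid : 0);
    $queryuser = $db->sql_query($sqluser);
    // NOTE(review): nothing checks that a row came back; the form below reads $result[...] either way.
    $result = $db->sql_fetch_array($queryuser);

    // All locations in alphabetical order, consumed by the hometown dropdown further down.
    $sqlplaats = "SELECT * FROM vvtbl_locations ORDER BY loc_name ASC";
    $queryplaats = $db->sql_query($sqlplaats);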

    // Highlight every field whose validator flag is exactly false by emitting a setbg() call for it.
    // The $valid* flags are not assigned in the code visible here; presumably the validation code that
    // sets them runs before this point — confirm.
    if(isset($validpostcode) && $validpostcode === false)
        {
            echo "<script type='text/javascript'>setbg('userzip');</script>";
        }
    if(isset($validemail) && $validemail === false)
        {
            echo "<script type='text/javascript'>setbg('useremail');</script>";
        }
    if(isset($validphonehome) && $validphonehome === false)
        {
            echo "<script type='text/javascript'>setbg('userphonehome');</script>";
        }
    if(isset($validphonemobile) && $validphonemobile === false)
        {
            echo "<script type='text/javascript'>setbg('userphonemobile');</script>";
        }
    if(isset($validphonebusiness) && $validphonebusiness === false)
        {
            echo "<script type='text/javascript'>setbg('userphonebusiness');</script>";
        }
    if(isset($validstreetno) && $validstreetno === false)
        {
            echo "<script type='text/javascript'>setbg('userstreetno');</script>";
        }
    if(isset($validhost) && $validhost === false)
        {
            echo "<script type='text/javascript'>setbg('userwebsite');</script>";
        }
    // After a submit, also load the client-side required-field check.
    if(isset($_POST['useropslaan']))
        {
            echo "<script type='text/javascript' src='scripts/checkrequired.js'></script>";
        }

    // On submit: remove spaces and non-breaking-space entities so that a value consisting of whitespace
    // only counts as empty, then highlight the required name fields that turn out to be blank.
    // The stripped copies are used for the emptiness checks only.
    if(isset($_POST['useropslaan']))
        {
            $searchfor = array(" ", "&nbsp;", "&nbsp");

            $post_userpassword = str_replace($searchfor, "", $_POST['userpassword']);
            $post_userfirstname = str_replace($searchfor, "", $_POST['userfirstname']);
            $post_userlastname = str_replace($searchfor, "", $_POST['userlastname']);

            if($post_userfirstname == '')
                {
                    echo "<script type='text/javascript'>setbg('userfirstname');</script>";
                }
            if($post_userlastname == '')
                {
                    echo "<script type='text/javascript'>setbg('userlastname');</script>";
                }
        }

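    // Save path. Runs only when the form was submitted, every validator flag is exactly true and both
    // required name fields are non-empty; any other submit shows the error banner.
    // NOTE(review): this block changes passwords and permission levels. No authorisation or CSRF check is
    // visible here, so verify that the including page enforces both before this code is reached.
    if(isset($_POST['useropslaan']) && isset($validemail) && $validemail === true && $validpostcode === true && $validphonehome === true && $validphonemobile === true && $validphonebusiness === true && $validstreetno === true && $validhost === true && $post_userfirstname != ''  && $post_userlastname != '')
        {
            // Free-text fields are stored HTML-entity-encoded (quotes included); the form relies on that
            // when it prints stored values.
            foreach(array('useremail', 'userfirstname', 'usermidname', 'userlastname', 'userfirstletters', 'userhometown', 'userstreet', 'userabout', 'userstreetnoadd', 'userwebsite', 'userwebsitename') as $veldnaam)
                {
                    $_POST[$veldnaam] = htmlentities($_POST[$veldnaam], ENT_QUOTES);
                }

            // Numeric values are reduced to integers so request data cannot add SQL syntax through them.
            $doelid = is_scalar($userid) ? (int) $userid : 0;
            $gebruikerstype = isset($_POST['usertype']) && is_scalar($_POST['usertype']) ? (int) $_POST['usertype'] : 0;
            $gebruikersactief = isset($_POST['useractive']) && is_scalar($_POST['useractive']) ? (int) $_POST['useractive'] : 0;
            $gebruikerslevel = isset($_POST['userlevel']) && is_scalar($_POST['userlevel']) ? (int) $_POST['userlevel'] : 0;
            $geboortedag = isset($_POST['userbirthday']) && is_scalar($_POST['userbirthday']) ? (int) $_POST['userbirthday'] : 0;
            $geboortejaar = isset($_POST['userbirthyear']) && is_scalar($_POST['userbirthyear']) ? (int) $_POST['userbirthyear'] : 0;
            // The month dropdown only offers lowercase month names; every other character is dropped.
            $geboortemaand = isset($_POST['userbirthmonth']) && is_string($_POST['userbirthmonth']) ? preg_replace('/[^a-z]/', '', $_POST['userbirthmonth']) : '';

            // Stored as "<day> <month name> <year>"; the form splits it on spaces again when loading.
            $geboortedatum = $geboortedag." ".$geboortemaand." ".$geboortejaar;

            // An empty password field means "keep the current password".
            $wachtwoorddeel = "";
            if($_POST['userpassword'] != "")
                {
                    // NOTE(review): $string->secure() is defined elsewhere; confirm that its 'password' mode
                    // produces a salted password hash whose output is safe inside a quoted SQL literal.
                    $userpassword = $string->secure($_POST['userpassword'], 'password');
                    $wachtwoorddeel = "user_pass='".$userpassword."', ";
                }

            // NOTE(review): the remaining values are still concatenated into the statement. ENT_QUOTES turns
            // quotes in the encoded fields into entities, but backslashes pass through unchanged, and
            // user_zip, user_street_no and the three phone numbers depend entirely on validators that are
            // not visible here. Bind these values, or escape them with the facility the $db wrapper offers.
            $sql = "UPDATE vvtbl_users SET ".$wachtwoorddeel."user_email='".$_POST['useremail']."', user_type='".$gebruikerstype."', user_active='".$gebruikersactief."', user_level='".$gebruikerslevel."', user_firstname='".$_POST['userfirstname']."', user_tussenvoegsel='".$_POST['usermidname']."', user_lastname='".$_POST['userlastname']."', user_firstletters='".$_POST['userfirstletters']."', user_datebirth='".$geboortedatum."', user_hometown='".$_POST['userhometown']."', user_zip='".$_POST['userzip']."', user_street='".$_POST['userstreet']."', user_street_no='".$_POST['userstreetno']."', user_street_no_add='".$_POST['userstreetnoadd']."', user_phone_home='".$_POST['userphonehome']."', user_phone_mobile='".$_POST['userphonemobile']."', user_phone_business='".$_POST['userphonebusiness']."', user_about='".$_POST['userabout']."', user_website='".$_POST['userwebsite']."', user_website_name='".$_POST['userwebsitename']."' WHERE user_id = ".$doelid;
            $db->sql_query($sql);

            // Redirect to the overview and stop, so the edit form is not rendered behind the redirect.
            // If output has already started the header cannot be sent; the page then continues to the
            // form as it did before.
            if(!headers_sent())
                {
                    header("location: ".$zoekurl);
                    exit;
                }
    }elseif(isset($_POST['useropslaan'])){
            errortop('U heeft niet alle velden correct ingevuld!');
        }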

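    // Dutch month names in calendar order; they are the option values of the birth-month dropdown.
    $maanden = array('januari', 'februari', 'maart', 'april', 'mei', 'juni', 'juli', 'augustus', 'september', 'oktober', 'november', 'december');

    // Both hidden fields carry request data back into the page, so they are neutralised before output:
    // the account id is reduced to an integer and the search term is entity-encoded for the attribute.
    if(isset($_POST['useropslaan']))
        {
            $formuserid = isset($_POST['userid']) && is_scalar($_POST['userid']) ? (int) $_POST['userid'] : 0;
    }else{
            $formuserid = isset($_GET['id']) && is_scalar($_GET['id']) ? (int) $_GET['id'] : 0;
        }
    $zoekveld = isset($zoekopdracht) && is_string($zoekopdracht) ? htmlentities($zoekopdracht, ENT_QUOTES) : "";

    // Form header, account section: read-only user name, optional new password, start of the type dropdown.
    // NOTE(review): $result['username'] is printed unencoded; that is only safe if the column is stored
    // entity-encoded — confirm against the code that creates accounts.
    // NOTE(review): the new-password input is a plain text field and a submitted value is echoed back
    // when validation fails. No CSRF token is visible in this form; confirm the framework adds one.
    echo"<form name='adduser' action='?p=users&act=edit' method='POST' target='_self'><table class='users_add'>
    <input type='hidden' name='userid' value='".$formuserid."' />
    <input type='hidden' name='zoeken' value='".$zoekveld."' />
    <th colspan=2>Account Bewerken</th>
    <tr><td class='pages_add_form_name'>Gebruikersnaam <br /><span class='description'>(De gebruikersnaam waarmee de gebruiker kan inloggen)</span></td><td class='pages_add_form_field'><input class='users_add_input_formL' disabled='disabled' id='username' name='username' value='".$result['username']."'/></td></tr>
    <tr><td class='pages_add_form_name'>Nieuw wachtwoord <br /><span class='description'>(Hier kunt u een nieuw wachtwoord opgeven voor de gebruiker, als u deze leeg laat verandert het wachtwoord niet)</span></td><td class='pages_add_form_field'><input class='users_add_input_formL' tabindex='1' id='userpassword' name='userpassword' "; echo isset($_POST['useropslaan']) ? "value='".htmlentities($_POST['userpassword'], ENT_QUOTES)."'" : ""; echo"/></td></tr>
    <tr><td class='pages_add_form_name'>Type gebruiker * <br /><span class='description'>(Het type gebruiker, is de gebruiker een vrijwilliger die zich aanbiedt of een werkgever die een vrijwilliger zoekt?)</span></td><td class='pages_add_form_field'><select class='users_add_input_formL required' tabindex='2' id='usertype' name='usertype' size='1'>";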
    // Account-type options. After a submit the posted value is pre-selected, otherwise the stored one.
    // Only a comparison is made with the request value; it is never printed.
    foreach(array(1 => 'Vrijwilliger', 2 => 'Werkgever') as $typewaarde => $typenaam)
        {
            $huidigtype = isset($_POST['useropslaan']) ? $_POST['usertype'] : $result['user_type'];
            $typegekozen = $huidigtype == $typewaarde ? " selected='selected'" : "";
            echo "<option value='".$typewaarde."'".$typegekozen.">".$typenaam."</option>";
        }
    // Close the type dropdown and open the permission-level dropdown.
    echo"</select></td></tr>
    <tr><td class='pages_add_form_name'>Rechten * <br /><span class='description'>(De rechten van de gebruiker, is de gebruiker een normale gebruiker op de website of een administrator die toegang heeft tot het CMS?)</span></td><td class='pages_add_form_field'><select class='users_add_input_formL required' tabindex='3' id='userlevel' name='userlevel' size='1'>";
    // Permission-level options: 1 = regular user, 2 = administrator with CMS access (per the form text).
    // After a submit the posted value decides the selection, otherwise the stored level does.
    if((isset($_POST['useropslaan']) ? $_POST['userlevel'] : $result['user_level']) == 1)
        {
            echo "<option value='1' selected='selected'>Gebruiker</option>";
    }else{
            // The two trailing spaces are part of the markup this page emits for the unselected option.
            echo "<option value='1'>Gebruiker</option>  ";
        }
    if((isset($_POST['useropslaan']) ? $_POST['userlevel'] : $result['user_level']) == 2)
        {
            echo "<option value='2' selected='selected'>Administrator</option>";
    }else{
            echo "<option value='2'>Administrator</option>";
        }
    // Close the level dropdown and open the cell that holds the account-status radio buttons.
    echo"</select></td></tr>
    <tr><td class='pages_add_form_name'>Status account</td><td class='pages_add_form_field'>";
    // Account-status radio buttons (1 = active, 0 = inactive), each followed by its label. The posted
    // value decides which one is checked after a submit, the stored value otherwise.
    // Each entry: radio value, tabindex, label text.
    foreach(array(array(1, 4, 'Actief'), array(0, 5, 'Non-actief')) as $statusoptie)
        {
            $huidigestatus = isset($_POST['useropslaan']) ? $_POST['useractive'] : $result['user_active'];
            $aangevinkt = $huidigestatus == $statusoptie[0] ? " checked='checked'" : "";
            echo "<input type='radio' tabindex='".$statusoptie[1]."' name='useractive' value='".$statusoptie[0]."'".$aangevinkt." />";
            echo $statusoptie[2];
        }
    // Personal-details section: given name, initials, infix and surname inputs, followed by the opening
    // tag of the birth-day dropdown. After a submit each input shows the posted value entity-encoded;
    // otherwise it shows the stored column as-is.
    // NOTE(review): stored columns go into the attributes unencoded. That is only safe if every code path
    // that writes vvtbl_users entity-encodes these fields first — confirm.
    echo"</td></tr>
    <th colspan=2>Persoonlijke Gegevens</th>
    <tr><td class='pages_add_form_name'>Voornaam * / Voorletters <br /><span class='description'>(Voorbeeld: Henk, H)</span></td><td class='pages_add_form_field'>
        <input class='users_add_input_formM required' tabindex='6' id='userfirstname' name='userfirstname' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userfirstname'], ENT_QUOTES) : $result['user_firstname'])."'/>
        <input class='users_add_input_formS' tabindex='7' id='userfirstletters' name='userfirstletters' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userfirstletters'], ENT_QUOTES) : $result['user_firstletters'])."'/></td></tr>
    <tr><td class='pages_add_form_name'>Tussenvoegsel / Achternaam * <br /><span class='description'>(Voorbeeld: van, Laar)</span></td><td class='pages_add_form_field'>
        <input class='users_add_input_formS' tabindex='8' id='usermidname' name='usermidname' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['usermidname'], ENT_QUOTES) : $result['user_tussenvoegsel'])."'/>
        <input class='users_add_input_formM required' tabindex='9' id='userlastname' name='userlastname' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userlastname'], ENT_QUOTES) : $result['user_lastname'])."'/></td></tr>
    <tr><td class='pages_add_form_name'>Geboortedatum * <br /><span class='description'>(De geboortedatum van de gebruiker)</span></td><td class='pages_add_form_field'>
    <select tabindex='10' class='required users_add_input_formS' id='userbirthday' name='userbirthday' size='1'>";
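    // The stored birth date has the form "<day> <month name> <year>". The parts are padded to three so a
    // missing or malformed value leaves the dropdowns unselected instead of reading undefined offsets.
    $explodebirth = array_pad(explode(' ', (string) $result['user_datebirth']), 3, '');
    $birthday = $explodebirth[0];
    $birthmonth = $explodebirth[1];
    $birthyear = $explodebirth[2];

    // Day options 1..31. Posted values are only compared, never printed. The selected attribute carries
    // its own leading space so it cannot run into the value attribute.
    for($d=1; $d<= 31; $d++)
        {
            if(isset($_POST['userbirthday']))
                {
                    $selected = $d == $_POST['userbirthday'] ? " selected='selected'" : "";
            }else{
                    $selected = $d == $birthday ? " selected='selected'" : "";
                }
            echo"<option value='".$d."'".$selected.">".$d."</option>";
        }
    echo"</select>
        <select tabindex='11' class='required users_add_input_formS' id='userbirthmonth' name='userbirthmonth' size='1'>";
    // Month options; each branch checks the field it actually reads.
    foreach($maanden as $maand)
        {
            if(isset($_POST['userbirthmonth']))
                {
                    $selected = $maand == $_POST['userbirthmonth'] ? " selected='selected'" : "";
            }else{
                    $selected = $maand == $birthmonth ? " selected='selected'" : "";
                }
            echo"<option value='".$maand."'".$selected.">".$maand."</option>";
        }
    echo"</select>
        <select tabindex='12' class='required users_add_input_formS' id='userbirthyear' name='userbirthyear' size='1'>";
    // Year options from 1900 up to and including the current year.
    $jaartal = date("Y");
    for($y=1900; $y<=$jaartal; $y++)
        {
            if(isset($_POST['userbirthyear']))
                {
                    $selected = $y == $_POST['userbirthyear'] ? " selected='selected'" : "";
            }else{
                    $selected = $y == $birthyear ? " selected='selected'" : "";
                }
            echo"<option value='".$y."'".$selected.">".$y."</option>";
        }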
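    // Closes the birth-year dropdown (the closing </select> tag was missing), then prints the e-mail,
    // address and postcode inputs and opens the hometown dropdown. The hometown dropdown gets tabindex 18;
    // it previously shared 17 with the postcode field.
    // After a submit each input shows the posted value entity-encoded; otherwise the stored column as-is.
    // NOTE(review): stored columns go into the attributes unencoded. user_zip and user_street_no are not
    // entity-encoded when saved and rely on the validators alone — confirm those reject quotes and
    // angle brackets.
    echo"</select></td></tr>
    <tr><td class='pages_add_form_name'>E-mail adres * <br /><span class='description'>(Voorbeeld: henk_laar@gmail.com)</span></td><td class='pages_add_form_field'>
        <input class='users_add_input_formL required' tabindex='13' id='useremail' name='useremail' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['useremail'], ENT_QUOTES) : $result['user_email'])."'/></td></tr>
    <tr><td class='pages_add_form_name'>Adres / Huisnummer / Toevoeging <br /><span class='description'>(Voorbeeld: Hoeksteen, 13, A)</span></td><td class='pages_add_form_field'>
        <input class='users_add_input_formM' tabindex='14' id='userstreet' name='userstreet' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userstreet'], ENT_QUOTES) : $result['user_street'])."'/>
        <input class='users_add_input_formXS' tabindex='15' id='userstreetno' name='userstreetno' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userstreetno'], ENT_QUOTES) : $result['user_street_no'])."'/>
        <input class='users_add_input_formXS' tabindex='16' id='userstreetnoadd' name='userstreetnoadd' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userstreetnoadd'], ENT_QUOTES) : $result['user_street_no_add'])."'/></td></tr>
    <tr><td class='pages_add_form_name'>Postcode / Woonplaats <br /><span class='description'>(Voorbeeld: 3843AN, Harderwijk)</span></td><td class='pages_add_form_field'>
        <input class='users_add_input_formS' tabindex='17' maxlength='6' id='userzip' name='userzip' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userzip'], ENT_QUOTES) : $result['user_zip'])."'/>
    <select tabindex='18' class='users_add_input_formM' id='userhometown' name='userhometown'>";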
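    // One option per location. The value attribute is quoted, so names containing a space are submitted
    // whole, and the visible label is entity-encoded as well, so a location name cannot inject markup.
    while($plaats = $db->sql_fetch_array($queryplaats))
        {
            $plaatsnaam = htmlentities($plaats['loc_name'], ENT_QUOTES);
            if(isset($_POST['userhometown']))
                {
                    // The browser submits the decoded option value, so compare against the raw name.
                    $selected = $plaats['loc_name'] == $_POST['userhometown'] ? "selected='selected'" : "";
                }else{
                    // user_hometown is stored entity-encoded, so compare against the encoded name.
                    $selected = $plaatsnaam == $result['user_hometown'] ? "selected='selected'" : "";
                }
            echo"<option value='".$plaatsnaam."' ".$selected.">".$plaatsnaam."</option>";
        }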
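    // Target of the cancel button: the overview, with the search term if there was one. The term is
    // request data that lands inside a JavaScript string within an HTML attribute, so it is URL-encoded,
    // which leaves no quote, backslash or angle bracket in it.
    $annuleerurl = "?p=users";
    if(isset($zoekopdracht) && is_string($zoekopdracht) && $zoekopdracht != "")
        {
            $annuleerurl .= "&amp;zoeken=".urlencode($zoekopdracht);
        }

    // Closes the hometown dropdown and its row (those closing tags were missing), then prints the phone,
    // description and website inputs and the form buttons. The table is now closed before the form.
    // After a submit each input shows the posted value entity-encoded; otherwise the stored column as-is.
    // NOTE(review): stored columns are printed unencoded. The phone numbers are not entity-encoded when
    // saved and rely on the validators alone — confirm those accept digits only.
    echo"</select></td></tr>
    <tr><td class='pages_add_form_name'>Telefoon Thuis / Mobiel / Zakelijk <br /><span class='description'>(Voorbeeld: 0341123456, 0612345678, 0341654321)</span></td><td class='pages_add_form_field'>
        <input class='users_add_input_formS' tabindex='19' maxlength='10' id='userphonehome' name='userphonehome' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userphonehome'], ENT_QUOTES) : $result['user_phone_home'])."'/>
        <input class='users_add_input_formS' tabindex='20' maxlength='10' id='userphonemobile' name='userphonemobile' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userphonemobile'], ENT_QUOTES) : $result['user_phone_mobile'])."'/>
        <input class='users_add_input_formS' tabindex='21' maxlength='10' id='userphonebusiness' name='userphonebusiness' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userphonebusiness'], ENT_QUOTES) : $result['user_phone_business'])."'/></td></tr>
    <tr><td class='pages_add_form_name' style='vertical-align : top;'>Beschrijving <br /><span class='description'>(De beschrijving van de gebruiker)</span></td><td class='pages_add_form_field'><textarea style='height:80px' class='user_add_input_form' tabindex='22' name='userabout'>".(isset($_POST['useropslaan']) ? htmlentities($_POST['userabout'], ENT_QUOTES) : $result['user_about'])."</textarea></td></tr>
    <tr><td class='pages_add_form_name'>Website / Naam link <br /><span class='description'>(Voorbeeld: http://www.vvbh.nl, VVBH)</span></td><td class='pages_add_form_field'>
        <input class='users_add_input_formM' tabindex='23' id='userwebsite' name='userwebsite' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userwebsite'], ENT_QUOTES) : $result['user_website'])."'/>
        <input class='users_add_input_formS' tabindex='24' id='userwebsitename' name='userwebsitename' value='".(isset($_POST['useropslaan']) ? htmlentities($_POST['userwebsitename'], ENT_QUOTES) : $result['user_website_name'])."'/></td></tr>
    <tr><th colspan=4 align='center'>
    <input class='locations_button submit' tabindex='25' type='submit' id='useropslaan' name='useropslaan' value='Opslaan' />
    <input type='reset' name='reset' value='Reset' class='locations_button' />
    <input type='button' name='cancel' value='Annuleren' class='locations_button' onclick='window.location=\"".$annuleerurl."\"' />
    </th></tr></table></form><div align='right'>* Verplichte velden</div>";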
?>